php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #57583 safe_mode throws warnings about missing .htaccess
Submitted: 2007-03-20 14:05 UTC Modified: 2007-03-20 19:00 UTC
From: mkent at magoazul dot com Assigned: pajoye (profile)
Status: Closed Package: htscanner (PECL)
PHP Version: 5.1.5 OS: Linux
Private report: No CVE-ID: None
 [2007-03-20 14:05 UTC] mkent at magoazul dot com
Description:
------------
When safe mode is enabled htscanner throws errors trying to read missing .htaccess files.

Looks like in parse_config_file

stream = php_stream_open_wrapper(file, "r", ENFORCE_SAFE_MODE, NULL)

is triggering php_checkuid_ex which throws a warning.

Reproduce code:
---------------
fix http://magoazul.com/tmp/htscanner-0.8.0-fixwarnings.patch

Expected result:
----------------
No warnings :)

Actual result:
--------------
Warning: Unknown: Unable to access /xx/xx/web/xx.com/joomla/.htaccess in Unknown on line 0

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-03-20 14:25 UTC] pierre dot php at gmail dot com
What is the error message?

stream = php_stream_open_wrapper(file, "r", ENFORCE_SAFE_MODE, NULL) should not raise an error if the file does not exist, NFORCE_SAFE_MODE | REPORT_ERRORS does.

Can you try using 5.1.6 or 5.2.0? I remember a bug in this function in early php versions, report_errors was on by default.
 [2007-03-20 15:19 UTC] mkent at magoazul dot com
Sure, tried with 5.2.1 and I'm getting

Warning: Unknown: Unable to access /xx/xx/web/xx.com/.htaccess in Unknown on line 0

passing the additional REPORT_ERRORS causes the following to be appended to the first warning

Warning: Unknown: failed to open stream: No such file or directory in Unknown on line 0

I've isolated it down to this block in php_checkuid_ex

main/safe_mode.c:92
            if (mode == CHECKUID_DISALLOW_FILE_NOT_EXISTS) {
                if ((flags & CHECKUID_NO_ERRORS) == 0) {
                    php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to access %s", filename);
                }
                return 0;

which makes sense as 

        if (fopen_mode[0] == 'r') {
            mode = CHECKUID_DISALLOW_FILE_NOT_EXISTS;

is set earlier in the function.
 [2007-03-20 15:29 UTC] pierre dot php at gmail dot com
Which error message do you get with 5.1?

"passing the additional REPORT_ERRORS causes the following to be appended to the first warning"

We don't want this mode :)

About your patch, the idea was exactly that avoid the extra stat. But now that we have the cache system in place, the stat impact is less important.
 [2007-03-20 15:58 UTC] pierre dot php at gmail dot com
I just commited a fix based on your patch. I only added a check for safe mode and run stat only if it is true. As you expect, it should fix the problem.
 [2007-03-20 17:02 UTC] mkent at magoazul dot com
Sorry I was trying to get a feel for where the error was being generated,

both php 5.1.5 and php 5.2.1 produced the same error

Warning: Unknown: Unable to access /xx/xx/web/xx.com/joomla/.htaccess in
Unknown on line 0

tried the version in CVS, works great. Thanks.
 [2007-03-20 17:03 UTC] mkent at magoazul dot com
oops, ruined the title sorry :/
 [2007-03-20 19:00 UTC] pierre dot php at gmail dot com
This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.

Will be in 0.8.1.

Thanks for the detailed report!
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Mon Nov 11 23:01:33 2019 UTC